Is XDR available for iOS, iPadOS, and Android devices in Hexnode?Solved

Participant
Discussion
2 days ago Jul 15, 2026

We currently manage mostly iPadOS devices in Hexnode, enrolled through Apple Business Manager and assigned to individual users. Most devices run with standard policies and required apps, while a smaller group is locked down in kiosk mode. Some users can use their own iCloud accounts and browse the internet, depending on the policy. We are reviewing our endpoint security setup and wanted to know if Hexnode XDR can be used for iOS/iPadOS or Android devices. We also use Microsoft Entra ID for user management, but IDP is not the main requirement right now. The priority is device-level protection for mobile devices, especially for users who may need a simple experience and cannot handle frequent passcode prompts. If XDR is not available for mobile platforms, what would be the recommended way to improve security on managed iPads and future Android devices?

Replies (4)

Marked SolutionPending Review
Hexnode Expert
2 days ago Jul 15, 2026
Marked SolutionPending Review

Hexnode XDR is not currently available for iOS, iPadOS, or Android devices. XDR capabilities are generally more relevant for desktop operating systems such as Windows and macOS, where endpoint threat detection and response workflows are more commonly required.

For iOS and iPadOS, Apple’s platform security model already provides strong protection through sandboxing, app signing, data encryption, and managed device controls. When these devices are supervised and managed through Hexnode, you can further strengthen the setup using MDM policies rather than XDR.

Recommended security controls for managed iOS/iPadOS devices include:

  1. Enforce a passcode policy
    – Require a device passcode.
    – Configure passcode complexity based on the user group.
    – Use a simpler passcode requirement where accessibility or cognitive limitations need to be considered.
  2. Use supervision-based restrictions
    – Restrict account modification if users should not add unmanaged accounts.
    – Control Safari access where open browsing is not required.
    – Disable unnecessary sharing, app installation, or device modification options.
  3. Apply kiosk mode where appropriate
    – Use single app or multi-app kiosk mode for devices that should only access approved workflows.
    – Keep more open policies only for users who require general internet or app access.
  4. Deploy required apps through policy
    – Push approved apps automatically.
    – Keep app availability consistent across user groups.
  5. Use network and web protection tools where needed
    – If you already use VPN, phishing protection, or carrier-level security filtering, those can complement Hexnode’s MDM controls.

Microsoft Entra ID integration can still be useful for user-based management and directory synchronization, but it is separate from XDR. If the requirement is specifically endpoint detection and response for iOS/iPadOS or Android, that capability is not currently supported in Hexnode.

Marked SolutionPending Review
Participant
2 days ago Jul 15, 2026
Marked SolutionPending Review

That makes sense. The main concern with passcodes is that some users may not be able to remember or enter them repeatedly. Is it possible to use a passcode policy without making the device difficult to use every time?

Marked SolutionPending Review
Hexnode Expert
1 day ago Jul 15, 2026
Marked SolutionPending Review

A passcode policy can still be used as an added security layer without making the device overly restrictive. The key is to configure it according to the user group.

For example, you can apply different policies for:

  • Devices used in kiosk mode.
  • Devices assigned to users who can manage a standard passcode.
  • Devices used by individuals who need a simpler access flow.

For new devices, the passcode requirement can be configured before the device is shipped or handed over. For existing devices already in the field, it is better to roll out the change in phases and coordinate with the users or caregivers so they know what to expect.

If repeated passcode entry is a concern, review related settings such as auto-lock duration and passcode complexity. The goal is to balance accessibility and protection rather than applying one strict passcode rule to every device.

Marked SolutionPending Review
Participant
1 day ago Jul 16, 2026
Marked SolutionPending Review

Okay got it thanks for the help!

Save